CVE-2022-23872: XSS
First published: Mon Jan 31 2022(Updated: )
Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via the parameter footer_info.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Emlog Emlog | =1.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is vulnerability CVE-2022-23872?
CVE-2022-23872 is a stored cross-site scripting (XSS) vulnerability in Emlog pro v1.1.1.
What is the severity of CVE-2022-23872?
The severity of CVE-2022-23872 is medium with a CVSS score of 4.8.
How can CVE-2022-23872 be exploited?
CVE-2022-23872 can be exploited by injecting malicious code into the footer_info parameter in the /admin/configure.php component of Emlog pro v1.1.1.
Is there a fix available for CVE-2022-23872?
Yes, a fix for CVE-2022-23872 is available. Users should update to a patched version of Emlog pro.
Where can I find more information about CVE-2022-23872?
More information about CVE-2022-23872 can be found at the following references: [https://github.com/emlog/emlog/issues/147](https://github.com/emlog/emlog/issues/147) and [https://github.com/truonghuuphuc/CVE](https://github.com/truonghuuphuc/CVE).
- collector/nvd-index
- agent/weakness
- agent/type
- vendor/emlog
- canonical/emlog emlog
- version/emlog emlog/1.1.1